From 312c52d6135ed84ec365c34bf30910e8b1060b6f Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 7 Dec 2025 04:37:17 -0600 Subject: [PATCH] test: setting up nas structure --- modules/nixos/default.nix | 2 +- modules/nixos/nas/default.nix | 18 +++++++++ .../nixos/nas/opencloud/config/default.nix | 3 +- modules/nixos/nas/opencloud/default.nix | 39 +++++++++--------- .../nixos/nas/photoprism/config/default.nix | 29 ++++++++++---- modules/nixos/nas/photoprism/default.nix | 35 ++++++++-------- .../nixos/nas/syncthing/config/default.nix | 7 ---- modules/nixos/nas/syncthing/default.nix | 40 +++++++++---------- 8 files changed, 100 insertions(+), 73 deletions(-) create mode 100644 modules/nixos/nas/default.nix diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 8a9155a..721d117 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -83,7 +83,7 @@ in impermanence lix microvm - opencloud0 + nas sambaEris ; }; diff --git a/modules/nixos/nas/default.nix b/modules/nixos/nas/default.nix new file mode 100644 index 0000000..b5c7b4a --- /dev/null +++ b/modules/nixos/nas/default.nix @@ -0,0 +1,18 @@ +{ + flake, + pkgs, + lib, + ... +}: +let + syncthing = import ./syncthing { inherit flake; }; + photoprism = import ./photoprism { inherit flake lib; }; + opencloud = import ./opencloud { inherit flake pkgs; }; +in +{ + imports = [ + syncthing + photoprism + opencloud + ]; +} diff --git a/modules/nixos/nas/opencloud/config/default.nix b/modules/nixos/nas/opencloud/config/default.nix index 9e7fbcf..ef809cd 100644 --- a/modules/nixos/nas/opencloud/config/default.nix +++ b/modules/nixos/nas/opencloud/config/default.nix @@ -91,7 +91,7 @@ in network = { enable = true; networks."20-lan" = { - matchConfig.Name = "enp0s6"; + matchConfig.Name = "enp0s5"; addresses = [ { Address = "${ip}/24"; } ]; 
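Review bot: In the new `modules/nixos/nas/default.nix`, the three sub-modules are evaluated by hand (`import ./syncthing { inherit flake; }`) and the resulting attribute sets are placed in `imports`, so the module system sees them as anonymous modules and an option conflict will not name the file it came from. Since this file already receives `flake`, `pkgs` and `lib` as module arguments, listing the paths directly, `imports = [ ./syncthing ./photoprism ./opencloud ];`, would presumably hand the same arguments to each sub-module without the manual plumbing; confirm how `flake` is supplied (`specialArgs` or `_module.args`) before switching. If the explicit calls are deliberate, a one-line comment above the `let` saying why would help the next reader.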
@@ -110,7 +110,6 @@ in tmpfiles.rules = [ "d /var/lib/${serviceCfg.name} 0755 ${serviceCfg.name} ${serviceCfg.name} -" "z /etc/opencloud 0700 ${serviceCfg.name} ${serviceCfg.name} -" - ]; }; microvm = { diff --git a/modules/nixos/nas/opencloud/default.nix b/modules/nixos/nas/opencloud/default.nix index 51c757d..636ced6 100644 --- a/modules/nixos/nas/opencloud/default.nix +++ b/modules/nixos/nas/opencloud/default.nix @@ -1,6 +1,6 @@ -{ flake, ... }: +{ flake, pkgs, ... }: let - inherit (import ./config) opencloudVM; + inherit (import ./config { inherit flake pkgs; }) opencloudVM; inherit (flake.config.people) user0; opencloudNick = opencloudVM { @@ -12,23 +12,24 @@ let host = ""; }; - opencloudStacie = opencloudVM { - user = "stacie"; - ip = "192.168.50.68"; - mac = "02:00:00:00:58:68"; - userMac = "02:00:00:00:00:68"; - ssh = 2508; - host = ""; - }; + # opencloudStacie = opencloudVM { + # user = "stacie"; + # ip = "192.168.50.68"; + # mac = "02:00:00:00:58:68"; + # userMac = "02:00:00:00:00:68"; + # ssh = 2508; + # host = ""; + # }; - opencloudGarnet = opencloudVM { - user = "garnet"; - ip = "192.168.50.69"; - mac = "02:00:00:00:59:69"; - userMac = "02:00:00:00:00:69"; - ssh = 2509; - host = ""; - }; + # opencloudGarnet = opencloudVM { + # user = "garnet"; + # ip = "192.168.50.69"; + # mac = "02:00:00:00:59:69"; + # userMac = "02:00:00:00:00:69"; + # ssh = 2509; + # host = ""; + # }; in -opencloudNick // opencloudStacie // opencloudGarnet +opencloudNick +# // opencloudStacie // opencloudGarnet diff --git a/modules/nixos/nas/photoprism/config/default.nix b/modules/nixos/nas/photoprism/config/default.nix index 63fcefb..a8f7c20 100644 --- a/modules/nixos/nas/photoprism/config/default.nix +++ b/modules/nixos/nas/photoprism/config/default.nix @@ -1,6 +1,6 @@ { - config, flake, + lib, ... }: let 
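Review bot: In `modules/nixos/nas/opencloud/default.nix` the stacie and garnet VM definitions are disabled by commenting them out, down to the trailing `# // opencloudStacie // opencloudGarnet`, and the same pattern is repeated in `photoprism/default.nix` and `syncthing/default.nix` later in this patch. Commented-out blocks go stale quietly: their IP, MAC and SSH-port assignments are no longer evaluated, so a later collision with a live guest would not be caught. I would delete the blocks and leave a single comment such as `# stacie/garnet guests removed while the nas layout is tested; see git history`, or keep the definitions and merge only the enabled ones.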
@@ -35,8 +35,10 @@ in PHOTOPRISM_DEFAULT_LOCAL = "en"; }; passwordFile = "/run/secrets/${user}-pass"; + storagePath = "/var/lib/${serviceCfg.name}"; originalsPath = "/var/lib/${serviceCfg.name}-media"; importPath = "photos"; + address = "0.0.0.0"; }; openssh = { enable = true; @@ -47,6 +49,13 @@ in }; }; + users.users.photoprism = { + isSystemUser = true; + group = "photoprism"; + home = "/var/lib/photoprism"; + }; + users.groups.photoprism = { }; + networking.firewall.allowedTCPPorts = [ 22 2342 @@ -54,6 +63,13 @@ in systemd = { services = { + photoprism = { + serviceConfig = { + DynamicUser = lib.mkForce false; + User = serviceCfg.name; + Group = serviceCfg.name; + }; + }; systemd-networkd.wantedBy = [ "multi-user.target" ]; @@ -78,12 +94,11 @@ in }; }; - tmpfiles.rules = [ - "Z /var/lib/${serviceCfg.name} 0755 ${serviceCfg.name} ${serviceCfg.name} -" - "d /var/lib/${serviceCfg.name}-media 0755 ${serviceCfg.name} ${serviceCfg.name} -" - "d /var/lib/${serviceCfg.name}-media/photos 0755 ${serviceCfg.name} ${serviceCfg.name} -" - - ]; + # tmpfiles.rules = [ + # "d /var/lib/${serviceCfg.name} 0755 ${serviceCfg.name} ${serviceCfg.name} -" + # "d /var/lib/${serviceCfg.name}-media 0755 ${serviceCfg.name} ${serviceCfg.name} -" + # "d /var/lib/${serviceCfg.name}-media/photos 0755 ${serviceCfg.name} ${serviceCfg.name} -" + # ]; }; microvm = { diff --git a/modules/nixos/nas/photoprism/default.nix b/modules/nixos/nas/photoprism/default.nix index 10fe3c2..aa53dd2 100644 --- a/modules/nixos/nas/photoprism/default.nix +++ b/modules/nixos/nas/photoprism/default.nix @@ -1,6 +1,6 @@ -{ flake, ... }: +{ flake, lib, ... }: let - inherit (import ./config) photoprismVM; + inherit (import ./config { inherit flake lib; }) photoprismVM; inherit (flake.config.people) user0; photoprismNick = photoprismVM { 
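Review bot: `address = "0.0.0.0";` in the first hunk of `photoprism/config/default.nix` makes PhotoPrism listen on every interface of the guest, and the `allowedTCPPorts` list visible in the next hunk already opens 2342, so the login page is served over plain HTTP to anything that can reach the VM. I believe the NixOS module binds to localhost by default, so this is a deliberate widening and deserves a comment stating who is expected to connect. If only the LAN address is needed, binding to it (`address = ip;`, assuming the `ip` argument of `photoprismVM` is in scope here) or keeping the default and publishing through a TLS-terminating reverse proxy would narrow the exposure. The attribute set being edited starts and ends outside the hunk.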
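Review bot: The new `users.users.photoprism` block hard-codes the name `photoprism` and the home `/var/lib/photoprism`, while the service override and `storagePath` in the neighbouring hunks use `serviceCfg.name`. If the two ever differ, `User = serviceCfg.name` will point at an account this block never creates. Deriving both from the same value keeps them in step, for example `users.users.${serviceCfg.name} = { isSystemUser = true; group = serviceCfg.name; home = "/var/lib/${serviceCfg.name}"; };` together with `users.groups.${serviceCfg.name} = { };`.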
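Review bot: `DynamicUser = lib.mkForce false;` in the `photoprism` service override also drops the protections systemd implies for dynamic users (`ProtectSystem=strict`, `ProtectHome=read-only`, `PrivateTmp`, `RemoveIPC`), unless the upstream module sets them on its own, which is not visible from this hunk. PhotoPrism processes user-supplied media and is now reachable on the network, so I would state the sandboxing explicitly next to the override: `ProtectSystem = "strict"; ProtectHome = "read-only"; PrivateTmp = true;`. With `ProtectSystem = "strict"` the storage and originals directories must stay writable through `StateDirectory` or `ReadWritePaths`, so check what the module already provides. A short comment on why a static user is needed (presumably stable ownership of the media directory) would also help.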
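Review bot: With the `tmpfiles.rules` block commented out, nothing visible in this patch creates `/var/lib/${serviceCfg.name}-media` or its `photos` subdirectory for the new static user, so the service may start against a missing or root-owned originals path unless a microvm share provides it. The disabled rules also used mode 0755, which leaves the photo originals readable by every account in the guest. I would restore the media rules with a tighter mode, e.g. `"d /var/lib/${serviceCfg.name}-media 0750 ${serviceCfg.name} ${serviceCfg.name} -"`, rather than keep them as comments.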
@@ -11,21 +11,22 @@ let ssh = 2504; }; - photoprismStacie = photoprismVM { - user = "stacie"; - ip = "192.168.50.65"; - mac = "02:00:00:00:55:65"; - userMac = "02:00:00:00:00:65"; - ssh = 2505; - }; + # photoprismStacie = photoprismVM { + # user = "stacie"; + # ip = "192.168.50.65"; + # mac = "02:00:00:00:55:65"; + # userMac = "02:00:00:00:00:65"; + # ssh = 2505; + # }; - photoprismGarnet = photoprismVM { - user = "garnet"; - ip = "192.168.50.66"; - mac = "02:00:00:00:56:66"; - userMac = "02:00:00:00:00:66"; - ssh = 2506; - }; + # photoprismGarnet = photoprismVM { + # user = "garnet"; + # ip = "192.168.50.66"; + # mac = "02:00:00:00:56:66"; + # userMac = "02:00:00:00:00:66"; + # ssh = 2506; + # }; in -photoprismNick // photoprismStacie // photoprismGarnet +photoprismNick +# // photoprismStacie // photoprismGarnet diff --git a/modules/nixos/nas/syncthing/config/default.nix b/modules/nixos/nas/syncthing/config/default.nix index ace2ac2..fe62290 100644 --- a/modules/nixos/nas/syncthing/config/default.nix +++ b/modules/nixos/nas/syncthing/config/default.nix @@ -195,12 +195,5 @@ in systemd.tmpfiles.rules = [ "d /mnt/storage/users/${user}/guests/${serviceCfg.name} 0751 microvm wheel - -" ]; - - sops.secrets = { - "${serviceCfg.name}/${user}-pass" = { - owner = "root"; - mode = "0600"; - }; - }; }; } diff --git a/modules/nixos/nas/syncthing/default.nix b/modules/nixos/nas/syncthing/default.nix index 79375c2..323f246 100755 --- a/modules/nixos/nas/syncthing/default.nix +++ b/modules/nixos/nas/syncthing/default.nix @@ -1,6 +1,6 @@ { flake, ... }: let - inherit (import ./config) syncthingVM; + inherit (import ./config { inherit flake; }) syncthingVM; inherit (flake.config.people) user0; syncthingNick = syncthingVM { 
@@ -9,29 +9,29 @@ let mac = "02:00:00:00:51:61"; userMac = "02:00:00:00:00:61"; ssh = 2501; - syncID = "RMDKNJY-BTX6FYF-G6SR332-WS6HARI-PF74SC6-VPBSGRQ-MKVQZEQ-KSIB6QV"; + syncID = "OALKHLZ-OODUWVX-PAC2LI7-UMZMSZO-FELLRCD-RS4DHJS-PVA5YQK-WTFXXQI"; deviceIP = "192.168.50.8"; }; - syncthingStacie = syncthingVM { - user = "stacie"; - ip = "192.168.50.62"; - mac = "02:00:00:00:52:62"; - userMac = "02:00:00:00:00:62"; - ssh = 2502; - syncID = ""; - deviceIP = ""; - }; + # syncthingStacie = syncthingVM { + # user = "stacie"; + # ip = "192.168.50.62"; + # mac = "02:00:00:00:52:62"; + # userMac = "02:00:00:00:00:62"; + # ssh = 2502; + # syncID = ""; + # deviceIP = ""; + # }; - syncthingGarnet = syncthingVM { - user = "garnet"; - ip = "192.168.50.63"; - mac = "02:00:00:00:53:63"; - userMac = "02:00:00:00:00:63"; - ssh = 2503; - syncID = ""; - deviceIP = ""; - }; + # syncthingGarnet = syncthingVM { + # user = "garnet"; + # ip = "192.168.50.63"; + # mac = "02:00:00:00:53:63"; + # userMac = "02:00:00:00:00:63"; + # ssh = 2503; + # syncID = ""; + # deviceIP = ""; + # }; in syncthingNick